Presentation is loading. Please wait.

Presentation is loading. Please wait.

DIGITAL CERTIFICATE & SSL PRESENTED BY, SWAPNA ERABATHINI.

Published byJustina Tucker Modified over 9 years ago

Similar presentations

Presentation on theme: "DIGITAL CERTIFICATE & SSL PRESENTED BY, SWAPNA ERABATHINI."— Presentation transcript:

1 DIGITAL CERTIFICATE & SSL PRESENTED BY, SWAPNA ERABATHINI

2 CONTENTS What is SSL ? SSL Hand Shake Process Man-in-the-Middle Attack SSL Connection

3 SOCKET LAYER Socket Layer lives between Application & Transport Layer APPLICATION TRANSPORT.... Socket layer What is SSL ? -S ecured S ocket L ayer -It’s a protocol lies between HTTP & TCP -Used for secured Internet transactions. (conti..)

4 -For example :- Let us consider a transaction to buy items at ebay.com 1.Be sure about the Site ie Authenticate the site 2. The credit card information information should be secure while transmitting i.e, - Confidentiality - Integrity

5 SSL HANDSHAKE PROCESS CLIENT SERVER 1 2 -SSL Version -Cipher List -Data Compression Methods -Session ID -Random Data R a 1 -SSL Version -Cipher -Data Compression Methods -Session ID -Random Data R b - CERTIFICATE 2

6 How Client Verifies the Server Certificate ? Certificate has 2 sections - Data Section (Version No., Serial No.,Public Key Information, Distinguished Name (DN) of CA, Validity Period, Domain Name) - Signature Section (Cryptographic Algorithms, Digital Signature of CA) Validating Process - Issuing CA’s are trusted one. - Validate CA Digital Signature on Server Certificate. - Validate Current date to ensure it is within the validity period. - Domain Name match. - Server Certificate Verified.

7 CLIENT SERVER 1 2 (CONTI…) OF SSL HANDSHAKE {S} SERVER, E(h(msg,CLNT,K),K) (h(msg,SRVR,K) - S :- Pre-Master secret - msg :- All previous messages - CLNT & SRVR are constants - K :- h(S,R a,R b )

8 The SSL Keys Derived From K = h(S,R a,R b ) 2 keys are derived :- -Client and server session key production is a function of the CIPHER-CHOICE -The Key K produced by Client is called CLIENT-WRITE-KEY (SERVER- READ-KEY). -The Key K produced by Server is called SERVER-WRITE-KEY (CLIENT- READ-KEY). -For eg :- For SSL_CK_DES_64_CBC_WITH_MD5 Cipher KEY-MATERIAL-0 = MD5[ MASTER-KEY,R a, R b ] CLIENT-READ-KEY = KEY-MATERIAL-0[0-7] CLIENT-WRITE-KEY = KEY-MATERIAL-0[8-15]

9 THE MAN-IN-THE-MIDDLE ATTACK -The Bad Guy cannot authenticate himself as Server by Server Certificate. - The Bad Guy cannot decrypt the {S} server -Bad Guy own certificate fail - Client verifies the Signature on Bad Guy certificate.

10 SSL CONNECTIONS -It’s a efficient protocol -Opening new SSL connections if SSL sessions already exists. -Uses same symmetric key K -Avoids the expensive public key operation CLIENT SERVER Session ID,Cipher, R b, h(msg,SRVR,K) (h(msg,CLNT,K) Session ID,Cipher list, R a

11 Q & A

Download ppt "DIGITAL CERTIFICATE & SSL PRESENTED BY, SWAPNA ERABATHINI."

Similar presentations

CP3397 ECommerce.

CP3397 ECommerce.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
Lecture 6: Web security: SSL

Lecture 6: Web security: SSL
TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Cryptography and Network Security

Cryptography and Network Security
Presented by Fengmei Zou Date: Feb. 10, 2000 The Secure Sockets Layer (SSL) Protocol.

Presented by Fengmei Zou Date: Feb. 10, 2000 The Secure Sockets Layer (SSL) Protocol.
Secure Socket Layer.

Secure Socket Layer.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, I've Got You under My Skin“ by Cole Porter.

7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.

An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
1 SSL/TLS 2 Web security Security requirements Secrecy to prevent eavesdroppers to learn sensitive information Entity authentication Message authentication.

1 SSL/TLS 2 Web security Security requirements Secrecy to prevent eavesdroppers to learn sensitive information Entity authentication Message authentication.
SSL : An Overview Bruhadeshwar Bezawada International Institute of Information Technology, Hyderabad.

SSL : An Overview Bruhadeshwar Bezawada International Institute of Information Technology, Hyderabad.
Chapter 7 Web Security MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI.

Chapter 7 Web Security MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),

CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),
Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.

Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
Cryptography and Network Security Chapter 17

Cryptography and Network Security Chapter 17
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
CS682- Session 10 Prof. Katz. Well-Known Attacks By far the most common security vulnerabilities Attacks that Script-Kiddies are capable of performing.

CS682- Session 10 Prof. Katz. Well-Known Attacks By far the most common security vulnerabilities Attacks that Script-Kiddies are capable of performing.

Similar presentations

Ads by Google